home

utorrent.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from search.data.bg.
MD5:
4b8febd44dabdfc31f9bfa03ebbf2bf2

SHA-1:
6ea1ae27dd8dc5f0fc260882f9c8183c339a6a71

SHA-256:
6dd76ff33f7caac77464669d2387e31c1bff3ad5a3b120b969ea80b9f740e8f2

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/13/2025 8:18:14 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.PECompact-1
0.98/18011

Quick Heal
(Suspicious) - DNAScan
7.14.11.00

SUPERAntiSpyware
Trojan.Dropper/Gen
10477

File size:
173.1 KB (177,251 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\tc up\plugins\media\utorrent\utorrent.exe

File PE Metadata
Compilation timestamp:
10/5/2006 7:01:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:ip9M5/uBbvr8rXitE61vK9FND8SX6Qs/762x/HmUX61SpopySoO0vBPsQ4eXmTRt:ipGMbvrDuGvKJ8SXq/fySpop0vije2OI

Entry address:
0x1000

Entry point:
B8, 8C, C9, 46, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 47, 2C, B1, 26, 30, 7B, 21, 0B, 56, D5, 4F, DB, 0C, F4, 65, CE, 37, 03, D8, D2, 91, 94, 61, 98, B4, 2B, E1, 17, 1B, F1, 21, F5, 3F, 4A, 5E, 29, 0B, BC, A6, 4B, EF, 64, E0, 13, 94, 1D, 1D, 6E, AF, 43, 47, 85, ED, 1B, 8A, 8E, 5C, F0, 1C, A5, BF, 65, A9, A4, E0, 50, 86, 1A, 9F, 10, BC, 3F, 8E, 53, 42, C2, A8, 82, 40, 14, 7B, C1, 09, 73, 6A, BC, 82, 7A, 65, 24, D1, FB, 01...
 
[+]

Packer / compiler:
PECompact v2

Code size:
212 KB (217,088 bytes)

The file utorrent.exe has been seen being distributed by the following URL.

http://search.data.bg/.../ZGJnZGxfMzE1NTAwMzQ=

Scan utorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.